Dreambox versions DM500, DM500+, DM500HD, and DM500S suffer from a file download vulnerability through a directory traversal with appending the '/' character in the HTTP GET method of the affected host address. The attacker can get to sensitive information like paid channel keys, usernames, passwords, config and plug-ins info, etc.

Mandriva Linux Security Advisory 2011-083 - This advisory updates wireshark to the latest version (1.2.16), fixing several security issues. The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted.pcap file. Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted.pcap file. The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service via a crafted.pcap file. The updated packages have been upgraded to the latest 1.2.x version which is not vulnerable to these issues.

Secunia Security Advisory - Some vulnerabilities have been reported in Palm WebOS, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

Secunia Security Advisory - Ubuntu has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Secunia Security Advisory - Debian has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Secunia Security Advisory - Debian has issued an update for zodb. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

Secunia Security Advisory - Debian has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.